| Patent application number | Description | Published |
|---|
| 20120167166 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR ENABLING COMMUNICATION BETWEEN SECURITY SYSTEMS - A system, method, and computer program product are provided for enabling communication between security systems. In use, a first communication protocol of a first security system and a second communication protocol of a second security system are identified, where the first communication protocol and the second communication protocol are different such that the first security system and the second security system are incapable of communicating therebetween. Further, the first security system is updated with a first security definition and/or the second security system is updated with a second security definition for enabling communication between the first security system and the second security system. | 06-28-2012 |
| 20130074186 | DEVICE-TAILORED WHITELISTS - A particular set of attributes of a particular computing device is identified. A first plurality of whitelisted objects is identified in a global whitelist corresponding to the particular set of attributes. A particular whitelist is generated to include the identified set of whitelisted objects, the particular whitelist tailored to the particular computing device. In some aspects, device-tailored updates to the particular whitelist are also generated. | 03-21-2013 |
| 20130246038 | EMULATOR UPDATING SYSTEM AND METHOD - One embodiment includes a method and computer program product for distributing and/or receiving a first emulator extension with respect to an emulator capable of performing an emulation using emulation code. The first emulator extension includes program instructions that aid in the process of emulating in order to detect potentially unwanted computer software. Such program instructions of the first emulator extension are additional beyond that associated with the emulator code, for assisting the emulator code in the emulation by patching the additional program instructions into the emulator in order to aid in detecting the potentially unwanted computer software within the suspect code. In use, an emulation is performed using the first emulator extension and the suspect code. The emulation is performed within an insulated environment in a computer system so that the computer system is insulated from potentially unwanted actions of the suspect code. | 09-19-2013 |
| 20130247198 | Emulator updating system and method - One embodiment includes a method and computer program product for distributing and/or receiving a first emulator extension with respect to an emulator capable of performing an emulation using emulation code. The first emulator extension includes program instructions that aid in the process of emulating in order to detect potentially unwanted computer software. Such program instructions of the first emulator extension are additional beyond that associated with the emulator code, for assisting the emulator code in the emulation by patching the additional program instructions into the emulator in order to aid in detecting the potentially unwanted computer software within the suspect code. In use, an emulation is performed using the first emulator extension and the suspect code. The emulation is performed within an insulated environment in a computer system so that the computer system is insulated from potentially unwanted actions of the suspect code. | 09-19-2013 |
| 20140007234 | PREVENTING ATTACKS ON DEVICES WITH MULTIPLE CPUs | 01-02-2014 |
| 20140053263 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR SENDING INFORMATION EXTRACTED FROM A POTENTIALLY UNWANTED DATA SAMPLE TO GENERATE A SIGNATURE - A system, method and computer program product are provided for sending information extracted from a potentially unwanted data sample to generate a signature. In use, information is extracted from a portion of a sample of potentially unwanted data. Further, the information is sent to generate a signature. | 02-20-2014 |
| 20140123279 | DYNAMIC QUARANTINING FOR MALWARE DETECTION - A method includes detecting a portion of data on an electronic device, determining a first representation of the malware status of the data, quarantining the data for a period of time, estimating whether the data is associated with malware by comparing the first and second representation, and, based on the estimation, releasing the data from quarantine. The first representation indicates that the malware status of the data is not certain to be safe and the malware status of the data is not certain to be malicious. | 05-01-2014 |
| 20140180666 | User Driven Emulation of Applications - Systems and methods allow a user to select one or more applications that are intended to be downloaded to a device (e.g., phone, tablet, PC) and create an emulation environment for testing aspects of the one or more applications prior to download. The emulation environment can be virtual (via emulation or virtual machine) or instrumented by remotely controlling actual hardware. Metrics collected from the emulation environment can include security and usability related aspects of the applications. Interaction between the applications themselves, the applications and other resources, and the user and the applications (e.g., configuration preferences, usage patterns) can be monitored by systems facilitating hosting of the emulation environment. For example, collected metrics can be used to create a measure for security, reputation, user-preference, etc. regarding the applications. Metrics can be shared amongst other potential users to assist in their purchase or usage of the applications. | 06-26-2014 |
| 20140283076 | PROFILING CODE EXECUTION - Technologies for securing an electronic device may include determining a plurality of rules, monitoring execution of the electronic device, generating a notification that one of the operations has occurred based upon the rules, and, based on the notification and the pattern of the operations, determining whether the operations are indicative of malware. The rules may include an identification of a plurality of entities of the electronic device to be monitored, an identification of one or more operations between the entities to be monitored, and an identification of a pattern of the operations to be monitored. | 09-18-2014 |
| 20150281888 | PROVABLE GEO-LOCATION - A geo-location provider station signs geo-location data and a previous signature provided by a mobile device, returning a new signature to the mobile device. The mobile device uses the new signature when requesting a signature from another geo-location provider station. The mobile device stores the geo-location data and the signatures provided by geo-location provider stations. The stored geo-location data may be verified upon request by using the stored signature data. | 10-01-2015 |
| Patent application number | Description | Published |
|---|
| 20150088967 | ADAPTIVE AND RECURSIVE FILTERING FOR SAMPLE SUBMISSION - Disclosed are systems, apparatuses, computer readable media, and methods of using an adaptive (i.e., learning) client-server system to enhance the efficiency of sample submissions, e.g., the submission of samples of malware programs to a server dictionary. The server in such a system may accumulate a dictionary of known programs and/or portions of programs that have been submitted by many different client devices over time, representing all the various programs that they have encountered. If a portion of a particular file submission is already “available” to the server (i.e., it is a portion that the server has already analyzed and stored), it will be excluded from all future sample transmissions. The server will gradually accumulate a rich dictionary of common program portions, thus requesting transmission only of previously unseen portions. Such systems, apparatuses, computer readable media, and methods may therefore be used to reduce transmission times needed for future sample submissions. | 03-26-2015 |
| 20150222667 | PROTECTION SYSTEM INCLUDING SECURITY RULE EVALUATION - This disclosure is directed to a protection system including security rule evaluation. A device may comprise a protection module to identify threats to at least one of the device or to a network including the device. The protection module may include, for example, a rule evaluator (RE) module to evaluate proposed security rules for identifying the threats based on at least one ground truth scenario and to determine whether to promote the proposed security rules to new security rules. The proposed security rules may be generated by the protection module or received from other devices in the network or other networks. New security rules may be shared with the other devices and/or networks. The RE module may further trigger an independent evaluation of the proposed security rules, which may also be considered when determining whether to add the proposed security rules to the set of active rules in the device. | 08-06-2015 |
| 20150257026 | OPTIMIZING COMMUNICATION FOR MOBILE AND EMBEDDED DEVICES - This disclosure relates generally to systems, apparatuses, methods, and computer readable media for optimizing communications for mobile and embedded devices. More particularly, but not by way of limitation, this disclosure relates to systems, apparatuses, methods, and computer readable media to permit mobile devices, e.g., smartphones, tablets, ultrabooks, and the like, which may frequently suffer from intermittent Internet connectivity, e.g., as their owners move around between access points, to estimate the duration of the remaining “window of opportunity” for data transmissions and then select and/or tailor data transmissions to be able to complete as much of the desired data transfer as possible before the expected connectivity loss. In some embodiments, signal strength over time may be analyzed and correlated with a history of connectivity for a particular user and/or device in order to improve the estimation of the remaining “window of opportunity” for data transmission. | 09-10-2015 |
| 20150365427 | TECHNIQUES FOR INTEGRATED ENDPOINT AND NETWORK DETECTION AND ERADICATION OF ATTACKS - Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed. | 12-17-2015 |
| Patent application number | Description | Published |
|---|
| 20130246466 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR TRACKING THE MIGRATION OF OBJECTS TO DETERMINE WHETHER TO PERFORM A NETWORK BASED CHECK - A system, method, and computer program product are provided for tracking the migration of objects to determine whether to perform a network based check. In operation, an object is identified. Furthermore, a first security niche associated with the object is determined. Additionally, it is determined if the object is migrating from the first security niche to a second security niche. Still yet, a network based security check is conditionally performed if it is determined the object is migrating from the first security niche to the second security niche. | 09-19-2013 |
| 20130276106 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR VERIFYING AN IDENTIFICATION OF PROGRAM INFORMATION AS UNWANTED - A system, method, and computer program product are provided for verifying an identification of program information as unwanted. In use, program information is identified as unwanted at a client. Furthermore, the identification of the program information as unwanted is verified, utilizing a communication between the client and a server. | 10-17-2013 |
